FIX: ServerXMLHTTP Does Not Return Cookies Using NTLM Authentication

Symptoms

You can use the ServerXMLHTTP object to retrieve and resubmit session cookies. You can retrieve the cookie from the Response header and resubmit the cookie through the Request Header. Everything works as you expect when you use the Anonymous authentication method. However, when you use the NTLM authentication method, and you resubmit the cookie, the cookie is lost.

Resolution

To resolve this problem, use one of the following methods:

Method 1: Install MDAC 2.7 Service Pack 1 (SP1). This contains MSXML 3.0 SP3, which contains the fix. MDAC 2.7 SP1 is available for download at the following Microsoft Web site:

Status

Microsoft has confirmed that this is a bug in the ServerXMLHTTP component. It has been fixed in the latest release of MSXML 3.0 SP3, which is included with MDAC 2.7 SP1.

More Information

Steps to Reproduce the Behavior

In Windows Explorer, create a folder that is named Test in the root folder of your Web server THe root folder is typically found in the following location: C:\Inetpub\Wwwroot\.

In the left pane of Internet Information Services, right-click the Default Web Site, create a Virtual directory that is named Test, and then point this Virtual directory to the Test folder that you created earlier in the root folder of your Web server.